9 matches found
Identity and Access Management for the Computing Continuum
The computing continuum introduces new challenges for access control due to its dynamic, distributed, and heterogeneous nature. In this paper, we propose a Zero-Trust ZT access control solution that leverages decentralized identification and authentication mechanisms based on Decentralized...
Authentication and Authorization in Data Spaces: a Relationship-Based Access Control Approach for Policy Specification Based on ODRL
Data has become a crucial resource in the digital economy, fostering initiatives for secure and sovereign data sharing frameworks such as Data Spaces. However, these distributed environments require fine-grained access control mechanisms that balance openness with sovereignty and security. This...
Design/Logic Flaw
An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens, for other admin panel users that have a relationship e.g., created by, updated by with content accessible to the authenticated user. For example, a...
A New Approach for Combating Insider Threats
LONDON, UK – As insider attacks continue to plague the enterprise the security community is doubling down on finding new solutions to mitigate against the age-old problem. An insider threat can encompass anything from a gullible employee falling for a spearphishing email, to unaware new hires...
CVE-2015-7861
Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling...
CVE-2015-7860
Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling...
Design/Logic Flaw
Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling...
CVE-2015-7861
Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling...
CVE-2015-7860
Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling...